General

  • Target

    2024-10-12_7fd7e8d15c002d5b78e4b6c0efb17319_mafia_stonedrill

  • Size

    388KB

  • Sample

    241012-gbthwaweqb

  • MD5

    7fd7e8d15c002d5b78e4b6c0efb17319

  • SHA1

    c74948b0b72a9a2c4365e3caa9788344a4631b7b

  • SHA256

    56ab59ce5ea456d97d2d9f8eb0fb842ef03ce8c68b6b1296dbbb7a40b074d847

  • SHA512

    ffba0076ec3c18dbaae4cb85bbb267b5d90762d5dc95f0fe153ec1d8725df17a64c36bd04407fcb15a74317e1becd8826b011cd25dfe368e105426d95310c860

  • SSDEEP

    12288:BqYXje0DF9k64/QSywqP0T8oIN1AHDFhY25fC2WF9s+204:BqYDF9k64/Q9j28okAHDHY25fC2WF9s3

Malware Config

Targets

    • Checks computer location settings

      Reads the country or locale code stored in the registry. This is typically a geofence: the sample decides whether to continue based on the configured region. The report does not show which value was read or which regions are excluded, so the decision logic has to be confirmed by analysing the sample.

    • Executes dropped EXE

      A file written to disk during the run was later started as a process.

    • Loads dropped DLL

      A DLL written to disk during the run was later loaded into a process.

    • Adds Run key to start application

      A value was written under a CurrentVersion\Run key so the application is launched at logon (persistence).

    • Suspicious use of SetThreadContext

      SetThreadContext was used to modify a thread's context. This is the API step commonly used to redirect execution in process hollowing and thread hijacking; on its own it is an indicator, not proof, of injection.
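Detection logic for three of the signatures above, written here as an added example (it is not part of the report or the sandbox's own code): it walks Sysmon-style events in order and correlates FileCreate (Event ID 11) with later ProcessCreate (1), ImageLoad (7) and registry value-set (13) events. The event records, paths, file names and SID are constructed for the example. The country-code lookup and the SetThreadContext call are API-level behaviours the sandbox observes through hooking; Sysmon records neither registry reads nor SetThreadContext, so those two signatures are not covered by this logic.

```python
"""Correlate Sysmon-style events to reproduce three of the report's
behaviour signatures: 'Executes dropped EXE', 'Loads dropped DLL' and
'Adds Run key to start application'.

The events below are constructed for this example. Field names follow
Sysmon (EventID, Image, TargetFilename, ImageLoaded, TargetObject,
Details); the paths, file names and SID are assumptions."""

from collections import defaultdict

# Registry key fragments that give logon persistence when a value is set.
RUN_KEY_MARKERS = (
    "\\currentversion\\run\\",
    "\\currentversion\\runonce\\",
)


def detect_dropped_execution(events):
    """Return {signature name: [evidence tuples]} for the events seen.

    The set of dropped files is built from EventID 11 as the stream is
    walked, so a file only counts as 'dropped' if its creation was seen
    before it was executed or loaded, which is the order a sandbox sees.
    """
    dropped = {}              # lower-cased path -> image that wrote it
    hits = defaultdict(list)
    for ev in events:
        eid = ev["EventID"]
        if eid == 11:                                  # FileCreate
            dropped[ev["TargetFilename"].lower()] = ev["Image"]
        elif eid == 1:                                 # ProcessCreate
            img = ev["Image"].lower()
            if img in dropped:
                hits["Executes dropped EXE"].append((dropped[img], ev["Image"]))
        elif eid == 7:                                 # ImageLoad
            lib = ev["ImageLoaded"].lower()
            if lib in dropped and lib.endswith(".dll"):
                hits["Loads dropped DLL"].append((ev["Image"], ev["ImageLoaded"]))
        elif eid == 13:                                # RegistryEvent (value set)
            key = ev["TargetObject"].lower()
            if any(marker in key for marker in RUN_KEY_MARKERS):
                hits["Adds Run key to start application"].append(
                    (ev["Image"], ev["TargetObject"], ev.get("Details", "")))
    return dict(hits)


# Constructed event stream (assumed paths; not taken from the report).
SAMPLE_DIR = "C:\\Users\\user\\Desktop\\"
TEMP_DIR = "C:\\Users\\user\\AppData\\Local\\Temp\\"
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": SAMPLE_DIR + "sample.exe"},
    {"EventID": 11, "Image": SAMPLE_DIR + "sample.exe",
     "TargetFilename": TEMP_DIR + "stage2.exe"},
    {"EventID": 11, "Image": SAMPLE_DIR + "sample.exe",
     "TargetFilename": TEMP_DIR + "helper.dll"},
    {"EventID": 1, "Image": TEMP_DIR + "stage2.exe"},
    {"EventID": 7, "Image": TEMP_DIR + "stage2.exe",
     "ImageLoaded": TEMP_DIR + "helper.dll"},
    # System DLL: present on disk before the run, so no 'dropped' hit.
    {"EventID": 7, "Image": TEMP_DIR + "stage2.exe",
     "ImageLoaded": "C:\\Windows\\System32\\kernel32.dll"},
    {"EventID": 13, "Image": TEMP_DIR + "stage2.exe",
     "TargetObject": "HKU\\S-1-5-21-1000\\Software\\Microsoft\\Windows\\"
                     "CurrentVersion\\Run\\Updater",
     "Details": TEMP_DIR + "stage2.exe"},
]


if __name__ == "__main__":
    for name, evidence in detect_dropped_execution(SAMPLE_EVENTS).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The file-creation map is keyed on the lower-cased path because Sysmon reports paths with whatever case the process used; without that normalisation a dropper that writes `STAGE2.EXE` and executes `stage2.exe` would slip past the correlation.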

MITRE ATT&CK Enterprise v15

Tasks